�PNG
IHDR��;���IDATx��ܻn�0���K��
�)(�pA������7�LeG{�� �§㻢|��ذaÆ
6lذaÆ
6lذaÆ
6lom��$^�y���ذag�5bÆ
6lذaÆ
6lذa{����
6lذaÆ
�`����}H�Fkm�,�m����Ӫ���ô�ô!��x�|'ܢ˟;�E:���9�&ᶒ�}�{�v]�n&�6�
�h��_��t�ڠ͵-ҫ���Z;��Z$�.�P���k�ž)�!��o���>}l�eQfJ�T��u і���چ��\��X=8��Rن4`Vw�l�>����n�G�^��i�s��"ms�$�u��i��?w�bs[m�6�K4���O���.�4��%����/����b�C%��t��M�ז� �-l�G6�mrz2���s�%�9��s@���-�k�9�=���)������k�B5����\��+͂�Zsٲ��Rn��~G���R���C������wIcI��n7jJ���hۛNCS|���j0��8y�iHKֶۛ�k�Ɉ+;Sz������L/��F�*\��Ԕ�#"5��m�2��[S��������=�g��n�a�P�e�ғ�L��
lذaÆ
6l�^k��̱aÆ
6lذaÆ
6lذa;����
�_��ذaÆ
6lذaÆ
6lذaÆ
���R���IEND�B`
�
�c�`c@s�dZdgZddlZddlmZddlmZddlmZddl m
Z
mZmZm
Z
mZdefd��YZdS( s<�FirewallCommand class for command line client simplificationtFirewallCommandi����N(terrors(t
FirewallError(t
DBusException(tcheckIPnMaskt
checkIP6nMaskt check_mact
check_porttcheck_single_addresscBs�eZeed�Zd�Zd�Zd�Zd�Zd�Zd+d�Z
d+d�Zd+d�Zd+d d
�Z
d+d�Zd+d�Zd+d+ed
�Zed�Zed�Zed�Zed�Zed�Zd+ed�Zed�Zed�Zd�Zdd�Zed�Zd�Zd�Zd�Zd�Zd�Z d�Z!d+gd �Z"d!�Z#d"�Z$d#�Z%d$�Z&d%�Z'd&�Z(d'�Z)d(�Z*d)�Z+d*�Z,RS(,cCs(||_||_t|_d|_dS(N(tquiettverbosetTruet'_FirewallCommand__use_exception_handlertNonetfw(tselfR R
((s4/usr/lib/python2.7/site-packages/firewall/command.pyt__init__#s cCs
||_dS(N(R(RR((s4/usr/lib/python2.7/site-packages/firewall/command.pytset_fw)scCs
||_dS(N(R (Rtflag((s4/usr/lib/python2.7/site-packages/firewall/command.pyt set_quiet,scCs|jS(N(R (R((s4/usr/lib/python2.7/site-packages/firewall/command.pyt get_quiet/scCs
||_dS(N(R
(RR((s4/usr/lib/python2.7/site-packages/firewall/command.pytset_verbose2scCs|jS(N(R
(R((s4/usr/lib/python2.7/site-packages/firewall/command.pytget_verbose5scCs1|dk r-|jr-tjj|d�ndS(Ns
(R
R tsyststdouttwrite(Rtmsg((s4/usr/lib/python2.7/site-packages/firewall/command.pyt print_msg8scCs1|dk r-|jr-tjj|d�ndS(Ns
(R
R RtstderrR(RR((s4/usr/lib/python2.7/site-packages/firewall/command.pytprint_error_msg<�scCs=d}d}tjj�r,|||}n|j|�dS(Ns[91ms[00m(RRtisattyR(RRtFAILtEND((s4/usr/lib/python2.7/site-packages/firewall/command.pyt
print_warning@s
icCs:|dkr|j|�n
|j|�tj|�dS(Ni(R!RRtexit(RRt exit_code((s4/usr/lib/python2.7/site-packages/firewall/command.pytprint_and_exitGs
cCs|j|d�dS(Ni(R$(RR((s4/usr/lib/python2.7/site-packages/firewall/command.pytfailRscCs0|dk r,|jr,tjj|d�ndS(Ns
(R
R
RRR(RR((s4/usr/lib/python2.7/site-packages/firewall/command.pytprint_if_verboseUsc
Cs1|jdk r|jj�ng}
d}g}x�|D]�}
|dk r�y||
�}
Wq�tk
r�}tjt|��}t|�dkr�|jd|�n|j d||�||kr�|j
|�n|d7}q8q�Xn|
j
|
�q8Wx�|
D]�}
g}|dk r(||7}nt|
t�rXt|
t
�rX|j
|
�n
||
7}|dk r{||7}n|j�y||�Wnttfk
r�}t|t�r�|j|j��|j�}nt|�}tj|�}|tjtjtjtjgkr$d}nt|�dkrJ|jd|�n5|dkrk|jd|�dS|j d||�||kr�|j
|�n|d7}nX|j�qW| s-t|�|ks�d|kr�dSt|�dkrtj|d�q-t|�dkr-tjtj�q-ndS(NiisWarning: %ss Error: %s(RR
tauthorizeAllt ExceptionRtget_codetstrtlenR!R$tappendt
isinstancetlistttupletdeactivate_exception_handlerRtfail_if_not_authorizedt
get_dbus_nametget_dbus_messageRtALREADY_ENABLEDtNOT_ENABLEDtZONE_ALREADY_SETtALREADY_SETtactivate_exception_handlerRR"t
UNKNOWN_ERROR(Rtcmd_typetoptiont
action_methodtquery_methodtparse_methodtmessaget
start_argstend_argstno_exittitemst_errorst_error_codestitemRtcodet call_item((s4/usr/lib/python2.7/site-packages/firewall/command.pyt__cmd_sequenceYsr
c Cs&|jd|||||d|�dS(NtaddRB(t_FirewallCommand__cmd_sequence(RR;R<�R=R>R?RB((s4/usr/lib/python2.7/site-packages/firewall/command.pytadd_sequence�scCs/|jd|||||d|gd|�dS(NRJR@RB(RK(RtxR;R<�R=R>R?RB((s4/usr/lib/python2.7/site-packages/firewall/command.pytx_add_sequence�sc
Cs8|jd|||||d|gd|gd|�dS(NRJR@RARB(RK( RtzoneR;R<�R=R>R?ttimeoutRB((s4/usr/lib/python2.7/site-packages/firewall/command.pytzone_add_timeout_sequence�sc Cs&|jd|||||d|�dS(NtremoveRB(RK(RR;R<�R=R>R?RB((s4/usr/lib/python2.7/site-packages/firewall/command.pytremove_sequence�scCs/|jd|||||d|gd|�dS(NRRR@RB(RK(RRMR;R<�R=R>R?RB((s4/usr/lib/python2.7/site-packages/firewall/command.pytx_remove_sequence�sc
Cs|g}x�|D]�}|dk r�y||�}Wq�tk
r�} t|�dkrj|jd| �q
q�tjt| ��}
|jd| |
�q�Xn|j|�q
Wx�|D]�}g}|dk r�||7}nt |t
�rt |t�r|j|�n
||7}|j�y||�}Wn�t
k
r�} |j| j��tj| j��}
t|�dkr�|jd| j��q�q|jd| j�|
�nbtk
r} tjt| ��}
t|�dkr�|jd| �q|jd| |
�nX|j�t|�dkrQ|jd||d|f�q�|j|�q�W|sxtjd�ndS( NisWarning: %ss Error: %ss%s: %stnotyesi(RUsyes(R
R(R+R!RR)R*R$R,R-R.R/R0RR1R2R3R8Rtprint_query_resultRR"(
RR;R=R>R?R@RBRCRFRRGRHtres((s4/usr/lib/python2.7/site-packages/firewall/command.pyt__query_sequence�sR
"cCs |j||||d|�dS(NRB(t _FirewallCommand__query_sequence(RR;R=R>R?RB((s4/usr/lib/python2.7/site-packages/firewall/command.pytquery_sequence�sc Cs)|j||||d|gd|�dS(NR@RB(RZ(RRMR;R=R>R?RB((s4/usr/lib/python2.7/site-packages/firewall/command.pytx_query_sequence�scCsft|�rbt|�rbt|�rb|jd�oEt|�dkrbttjd|��n|S(Nsipset:is8'%s' is no valid IPv4, IPv6 or MAC address, nor an ipset(RRRt
startswithR+RRtINVALID_ADDR(Rtvalue((s4/usr/lib/python2.7/site-packages/firewall/command.pytparse_source�s
" t/cCs�y|j|�\}}Wn'tk
rBttjd|��nXt|�sdttj|��n|dkr�ttjd|��n||fS(NsTbad port (most likely missing protocol), correct syntax is portid[-portid]%sprotocolttcptudptsctptdccps''%s' not in {'tcp'|'udp'|'sctp'|'dccp'}(RbRcRdRe(tsplitt
ValueErrorRRtINVALID_PORTRtINVALID_PROTOCOL(RR_t separatortporttproto((s4/usr/lib/python2.7/site-packages/firewall/command.pyt
parse_ports
c
CsFd}d}d}d}d}xd||kr,||jdd�d}|t|�d7}d||kr�||jdd�d} n
||} |t| �d7}|dkr�| }q!|dkr�| }q!|dkr�| }q!|dkr�| }q!|d kr|rq!ttjd
|��q!W|sHttjd��n|scttjd��n|pl|s�ttjd
��nt|�s�ttj|��n|dkr�ttjd|��n|r�t|�r�ttj|��n|r6t d|�r6|st d|�r6ttj
|��q6n||||fS(Nit=it:RkRlttoportttoaddrtifsinvalid forward port arg '%s'smissing portsmissing protocolsmissing destinationRbRcRdRes''%s' not in {'tcp'|'udp'|'sctp'|'dccp'}tipv4tipv6(stcpsudpssctpsdccp(R
RfR+RRtINVALID_FORWARDRRhRiRR^(
RR_tcompatRktprotocolRpRqtitopttval((s4/usr/lib/python2.7/site-packages/firewall/command.pytparse_forward_portsT
cCs_|jd�}t|�dkr/|ddfSt|�dkrE|Sttjd|��dS(NRniitisinvalid ipset option '%s'(RfR+RRtINVALID_OPTION(RR_targs((s4/usr/lib/python2.7/site-packages/firewall/command.pytparse_ipset_optionHs cCsDddg}||kr@ttjd|dj|�f��n|S(NRsRts'invalid argument: %s (choose from '%s')s', '(RRtINVALID_IPVtjoin(RR_tipvs((s4/usr/lib/python2.7/site-packages/firewall/command.pytcheck_destination_ipvRs cCsUy|jdd�\}}Wn#tk
rAttjd��nX|j|�|fS(NRois(destination syntax is ipv:address[/mask](RfRgRRtINVALID_DESTINATIONR�(RR_tipvtdestination((s4/usr/lib/python2.7/site-packages/firewall/command.pytparse_service_destinationZs
cCsGdddg}||krCttjd|dj|�f��n|S(NRsRttebs'invalid argument: %s (choose from '%s')s', '(RRR�R�(RR_R�((s4/usr/lib/python2.7/site-packages/firewall/command.pyt check_ipvbs cCsGdddg}||krCttjd|dj|�f��n|S(NR|RsRts'invalid argument: %s (choose from '%s')s', '(RRR�R�(RR_R�((s4/usr/lib/python2.7/site-packages/firewall/command.pytcheck_helper_familyjs cCsc|jd�s(ttjd|��nt|jdd��dkr_ttjd|��n|S(Nt
nf_conntrack_s('%s' does not start with 'nf_conntrack_'R|isModule name '%s' too short(R]RRtINVALID_MODULER+treplace(RR_((s4/usr/lib/python2.7/site-packages/firewall/command.pytcheck_modulers cCs|j�}|j�}tt|j�|��}|j�}|j�} |j�}
|j�}|j �}|j
�}
|j�}|j�}|j
�}|j�}|j�}g}|dk r�||kr�|jd�q�n|s�|r|jd�n|r%|ddj|�}n|j|�|jr`|jd|�|jd|�n|jd|�|jd|r�d nd
�|jddj|��|jd
dj|��|jddjt| ���|jddjg|
D]}d|d|df^q���|jddjt|���|jd|rVd nd
�|jddjg|
D](\}}}}d||||f^qt��|jddjg|D]}d|d|df^q���|jddj|��|jddj|��dS(Ntdefaulttactives (%s)s, s summary: s description: s
target: s icmp-block-inversion: %sRVRUs interfaces: t s sources: s services: s ports: s%s/%siis
protocols: s masquerade: %ss forward-ports: s
s$port=%s:proto=%s:toport=%s:toaddr=%ss source-ports: s icmp-blocks: s rich rules:
(t getTargettgetIcmpBlockInversiontsortedtsett
getInterfacest
getSourcestgetServicestgetPortstgetProtocolst
getMasqueradetgetForwardPortstgetSourcePortst
getIcmpBlockstgetRichRulestgetDescriptiontgetShortR
R,R�RR
(RROtsettingstdefault_zonetextra_interfacesttargetticmp_block_inversiont
interfacestsourcestservicestportst protocolst
masqueradet
forward_portstsource_portsticmp_blockstrulestdescriptiontshort_descriptiont
attributesRkRlRpRq((s4/usr/lib/python2.7/site-packages/firewall/command.pytprint_zone_info|sX
- 7 -c
Cs�|j�}|j�}|j�}|j�}|j�}|j�}|j�} |j|�|jr�|jd| �|jd|�n|jddj g|D]}
d|
d|
df^q���|jddj |��|jd dj g|D]}
d|
d|
df^q���|jd
dj |��|jddj g|j
�D]\}}d||f^q]��dS(
Ns summary: s description: s ports: R�s%s/%siis
protocols: s source-ports: s modules: s destination: s%s:%s(R�R�R�t
getModulesR�tgetDestinationsR�RR
R�RC(
RtserviceR�R�R�R�tmodulesR�tdestinationsR�Rktktv((s4/usr/lib/python2.7/site-packages/firewall/command.pytprint_service_info�s*
- - cCs�|j�}|j�}|j�}t|�dkrEddg}n|j|�|jr�|jd|�|jd|�n|jddj|��dS(NiRsRts summary: s description: s destination: R�(R�R�R�R+RR
R�(RticmptypeR�R�R�R�((s4/usr/lib/python2.7/site-packages/firewall/command.pytprint_icmptype_info�s
c
Cs�|j�}|j�}|j�}|j�}|j�}|j|�|jrw|jd|�|jd|�n|jd|�|jddjg|j�D](\}} | r�d|| fn|^q���|jddj|��dS(Ns summary: s description: s type: s options: R�s%s=%ss entries: ( tgetTypet
getOptionst
getEntriesR�R�RR
R�RC(
RtipsetR�t
ipset_typetoptionstentriesR�R�R�R�((s4/usr/lib/python2.7/site-packages/firewall/command.pytprint_ipset_info�s
=c Cs�|j�}|j�}|j�}|j�}|j�}|j|�|jrw|jd|�|jd|�n|jd|�|jd|�|jddjg|D]}d|d|d f^q���dS(
Ns summary: s description: s
family: s
module: s ports: R�s%s/%sii(R�t getModulet getFamilyR�R�RR
R�( RthelperR�R�tmoduletfamilyR�R�Rk((s4/usr/lib/python2.7/site-packages/firewall/command.pytprint_helper_info�s
cCs*|r|jd�n|jdd�dS(NRVRUi(R$(RR_((s4/usr/lib/python2.7/site-packages/firewall/command.pyRW�scCs�|js�n|j|�tjt|��}|tjtjtjtj gkri|j
d|�n|jd||�dS(NsWarning: %ss Error: %s(RR1RR)R*RR4R5R6R7R!R$(Rtexception_messageRG((s4/usr/lib/python2.7/site-packages/firewall/command.pytexception_handler�s
cCs,d|kr(d}|j|tj�ndS(NtNotAuthorizedExceptions`Authorization failed.
Make sure polkit agent is running or run the application as superuser.(R$RtNOT_AUTHORIZED(RR�R((s4/usr/lib/python2.7/site-packages/firewall/command.pyR1�scCs
t|_dS(N(tFalseR(R((s4/usr/lib/python2.7/site-packages/firewall/command.pyR0scCs
t|_dS(N(RR(R((s4/usr/lib/python2.7/site-packages/firewall/command.pyR8scCs�g}t�}t|�}xu|D]m}|s2Pn|j�}t|�dks"|ddkrfq"n||kr"|j|�|j|�q"q"W|j�|S(Niit#t;(R�R�(R�topentstripR+R,RJtclose(RtfilenameR�tentries_settftline((s4/usr/lib/python2.7/site-packages/firewall/command.pytget_ipset_entries_from_files
"
N(-t__name__t
__module__R�RRRRRRR
RRR!R$R%R&RKRLRNRQRSRTRZR[R\R`RmR{RR�R�R�R�R�R�R�R�R�R�RWR�R1R0R8R�(((s4/usr/lib/python2.7/site-packages/firewall/command.pyR"sT J2 2
1 (t__doc__t__all__RtfirewallRtfirewall.errorsRtdbus.exceptionsRtfirewall.functionsRRRRRtobjectR(((s4/usr/lib/python2.7/site-packages/firewall/command.pyts (